Openstack Security Vulnerabilities and Issues — Openstack CVE List

Lucene search

RedhatOpenstack

3 matches found

CVE•added 2022/03/04 7:15 p.m.•314 views

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malici...

8.8CVSS8.6AI score0.0005EPSS

CVE•added 2022/03/03 7:15 p.m.•203 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

5.5CVSS5.3AI score0.00228EPSS

CVE•added 2022/03/23 8:15 p.m.•124 views

CVE-2021-4180

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive infor...

4.3CVSS4AI score0.00106EPSS